System  and method for identity managed collaboration

ABSTRACT

A system and method for identity managed collaboration (IMC) that in various embodiments can provide for: identity management of participants within a collaboration session to set entitlement; identity security for participants to allow participants to determine what identity is projected; participation in a collaboration session in a monitoring mode via a browser without the need to install client software on an access appliance; audio collaboration via a plurality of communication media; and Leave Existing &amp; Add Preferred (LEAP) capability to allow participants to dynamically changes access appliances.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority from U.S. Provisional PatentApplication Ser. No. 60/892,547, filed Mar. 2, 2007, the entirety ofwhich is incorporated herein by reference.

FIELD OF INVENTION

The present invention relates to the field of computer-assistedcollaboration, in particular, to a system and method for identitymanaged collaboration providing audio, video and data collaboration andwhere access to a collaboration session can be via communicationtechnologies including the public switched telephone network (PSTN),mobile (a.k.a. cellular) networks, Internet Protocol (IP) networks andradio networks

BACKGROUND

Computer-supported co-operative work (CSCW) is a field of study thataddresses how collaborative activities and their coordination can besupported by means of computer systems. The embodiments of CSCW providefor people working in groups using the enabling technologies of computernetworking, associated hardware, software, services, and techniques thatare often referred to as groupware, computer-assisted collaboration ormedia-assisted collaboration.

A collaboration session typically involves multiple participants whoaccess the session via any of a plurality of well-know communicationmedium such as, for example, terrestrial telephony (e.g. Public SwitchedTelephony Network (PSTN)), mobile (a.k.a. cellular) telephony (e.g.Global System for Mobile Communications (GSM)), broadband connection(e.g. Internet Protocol (IP)), and other radio-based connections (e.g.Wi-Fi (a.k.a. IEEE 802.11)). Some collaboration systems support the useof different communication media by each of the participants.

Each participant uses a computing-platform based device (i.e. accessappliance) such as, for example, a personal computer, a personal digitalassistant (PDA), a mobile phone, an Internet browser running on any ofthe these devices, and other similar communication devices. Manycurrently available collaboration systems either support a limitedselection devices or require that a collaboration system clientapplication (e.g. Internet browser plug-ins) be loaded and executed onthe device in order to participate in a session. Due to varioussecurity, performance and convenience considerations, many participantswould prefer to be able to use a platform of their choice without theneed to load a collaboration system specific client application.

The collaboration session is hosted by a computing-platform based systemoften referred to as a collaboration server. The collaboration servercan be either a monolithic system or a distributed system includingcomponents shared with other systems. The capabilities of thecollaboration server determines what types of media can be included inthe collaboration session. Media types can, for example, include audio,video and data. Data media can include files, web pages, bit-streams andother similar data representations in a variety of well know encodingformats. The capabilities supported in the collaboration session can befurther determined by parameters managed by an administrator of thecollaboration system.

Each collaboration session typically has a designated organizer whoarranges for the session to be established and who may specifyparameters for the session.

Typically, each participant in the collaboration session isauthenticated before joining the session. When a participant joins, orleaves, the session the event is made known to other participants. Thearrival and departure of a participant is announced using an identityassigned to the participant. Authentication and the identities ofparticipants are typically managed by an administrator of thecollaboration server, the organizer of the collaboration session, or acombination of the two. In some collaboration contexts it is desirablethat the participant be able to control the identity use to identifyhim/her and to announce his/her arrival and departure (e.g. when theparticipant wishes to remain anonymous or wishes to monitor thecollaboration session without the other participants being aware ofhis/her participation). This capability is not provided by currentlyavailable collaboration systems.

Typically collaboration systems are designed to permit each participantto join a collaboration session using any one platform via any onecommunications medium. With a growing diversity of platforms availableand with the every growing pervasiveness of a multitude of communicationmedia, participants want to be able to switch platforms and/orcommunication media while continuing to participate in a collaborationsession. The ability to switch platforms and/or communication mediawould enable a degree of flexibility and mobility not afforded toparticipants by currently available collaboration systems.

Available collaboration systems that demonstration some of theshortcomings described above include WebEX™ (www.webex.com),GoToMeeting® (www.gotomeeting.com), and MicroSoft Office SharePointServe.

What is needed is a system and method for collaboration that permitsparticipants to control their identity in a collaboration session,permits participants to change the access appliance used to access acollaboration session during the course of the session.

SUMMARY OF INVENTION

A system and method for identity managed collaboration (IMC) that invarious embodiments can provide for: identity management of participantswithin a collaboration session to set entitlement; identity security forparticipants to allow participants to determine what identity isprojected; participation in a collaboration session in a monitoring modevia a browser without the need to install client software on an accessappliance; audio collaboration via a plurality of communication media;and Leave Existing & Add Preferred (LEAP) capability to allowparticipants to dynamically changes access appliances.

In accordance with one aspect of the present invention, there isprovided a system for identity managed collaboration, for providing acollaboration session to which each of a plurality of participants canbe connected from one of plurality of access appliances via one of aplurality of communication media, the system comprising: an identity andsession manager for storing, managing, enforcing and applying:collaboration session rules, a plurality of participant entitlements,and a plurality of participant identity security records, the identityand session manager further for, responsive to a notification,announcing the arrival and departure of each participant using anidentity specified in the corresponding participant identity record andresponsive to the corresponding participant entitlements; acollaboration medium module for supporting a plurality of collaborationmedia for use in the collaboration session; an access rules module forthe storage and management of access rules that specify which one of aplurality of access modes will be assigned to each participantresponsive to the communication media used by the participant to connectto the collaboration session; an access control module for assigning anaccess mode to each participant responsive to the communication mediaused by the participant to connect to the collaboration session and tothe corresponding participant entitlement, and for re-assigning anaccess mode when any of the participants switches from one of theplurality of access appliances to another of the access appliances forconnecting with the collaboration session; a connection control module;and a session trigger module for initiating the collaboration session.

The collaboration session rules specify which of the plurality ofcommunication media can be used to connect to the collaboration session,specify which of the plurality of participants can connect to thecollaboration session and identify which of the participants are to becontacted to connect to the collaboration session. The plurality ofparticipant entitlements, each one corresponding to one of a pluralityof participants, each participant entitlement specifying which accessmodes the participant can use, what indicator is to be used to announcethe participants arrival in and departure from the collaborationsession, and the participants privilege to change access applianceswhile connected to the collaboration session. The plurality ofparticipant identity security records, each one corresponding to one ofthe plurality of participants, each participant entitlement specifyingan identity to used to identify the participant to other participants inthe collaboration session.

The connection control module provides functionality including: managingconnections between the system and the participants; allowing anddisallowing connections to the system responsive to collaborationsession rules and the participant entitlement corresponding to eachparticipant; for initiating connections with participants responsive tothe collaboration session rules when the collaboration session isinitiated; accepting connections from participants responsive to thecollaboration session rules and the corresponding participantentitlements; notifying the identity and session manager of theestablishment and termination of a connection to each participant; andproviding audio collaboration continuity when any of the participantsswitches from one of the plurality of access appliances to another ofthe access appliances for connecting with the collaboration session;

In accordance with another aspect of the present invention, there isprovided a method for identity managed collaboration, for providing acollaboration session to which each of a plurality of participants canbe connected from one of plurality of access appliances via one of aplurality of communication media, the method comprising the steps of:creating collaboration session rules that specify which of the pluralityof communication media can be used to connect to the collaborationsession, specify which of the plurality of participants can connect tothe collaboration session and identify which of the participants are tocontacted to connect to the collaboration session; creating a pluralityof participant entitlements, each one corresponding to one of aplurality of participants, each participant entitlement specifying whichaccess modes the participant can use, what indicator is to be used toannounce the participants arrival in and departure from thecollaboration session, and the participants privilege to change accessappliances while connected to the collaboration session; creating aplurality of participant identity security records, each onecorresponding to one of the plurality of participants, each participantentitlement specifying an identity to used to identify the participantto other participants in the collaboration session; creating accessrules that specify which one of a plurality of access modes will beassigned to each participant responsive to the communication media usedby the participant to connect to the collaboration session; initiating acollaboration session, responsive to a trigger, initiating connectionwith participants responsive to the collaboration session rules, andaccepting connections from participants responsive to the collaborationsession rules and the corresponding participant entitlements; assigningan access mode to each participant responsive to the communication mediaused by the participant to connect to the collaboration session and tothe corresponding participant entitlement; announcing the arrival ofeach participant using an identity specified in the correspondingparticipant identity record and responsive to the correspondingparticipant entitlements; providing audio collaboration continuity andre-assigning an access mode when any of the participants switches fromone of the plurality of access appliances to another of the accessappliances for connecting with the collaboration session; and announcingthe departure of each participant using an identity specified in thecorresponding participant identity record and responsive to thecorresponding participant entitlements when the participant leaves thecollaboration session.

In accordance with another aspect of the present invention, there isprovided a computer program product for identity managed collaboration,for providing a collaboration session to which each of a plurality ofparticipants can be connected from one of plurality of access appliancesvia one of a plurality of communication media, the computer programproduct comprising: computer executable instructions, stored on acomputer readable storage medium, for: creating collaboration sessionrules that specify which of the plurality of communication media can beused to connect to the collaboration session, specify which of theplurality of participants can connect to the collaboration session andidentify which of the participants are to contacted to connect to thecollaboration session; creating a plurality of participant entitlements,each one corresponding to one of a plurality of participants, eachparticipant entitlement specifying which access modes the participantcan use, what indicator is to be used to announce the participantsarrival in and departure from the collaboration session, and theparticipants privilege to change access appliances while connected tothe collaboration session; creating a plurality of participant identitysecurity records, each one corresponding to one of the plurality ofparticipants, each participant entitlement specifying an identity toused to identify the participant to other participants in thecollaboration session; creating access rules that specify which one of aplurality of access modes will be assigned to each participantresponsive to the communication media used by the participant to connectto the collaboration session; initiating a collaboration session,responsive to a trigger, initiating connection with participantsresponsive to the collaboration session rules, and accepting connectionsfrom participants responsive to the collaboration session rules and thecorresponding participant entitlements; assigning an access mode to eachparticipant responsive to the communication media used by theparticipant to connect to the collaboration session and to thecorresponding participant entitlement; announcing the arrival of eachparticipant using an identity specified in the corresponding participantidentity record and responsive to the corresponding participantentitlements; providing audio collaboration continuity and re-assigningan access mode when any of the participants switches from one of theplurality of access appliances to another of the access appliances forconnecting with the collaboration session; and announcing the departureof each participant using an identity specified in the correspondingparticipant identity record and responsive to the correspondingparticipant entitlements when the participant leaves the collaborationsession.

Other aspects and features of the present invention will become apparentto those ordinarily skilled in the art or science to which it pertainsupon review of the following description of specific embodiments of theinvention in conjunction with the accompanying figures.

BRIEF DESCRIPTION OF DRAWINGS

The present invention will be described in conjunction with drawings inwhich:

FIG. 1 is a schematic representation of an exemplary embodiment of anidentity managed collaboration system.

FIG. 2 is flow diagram representing the steps in a method for identitymanaged collaboration.

DETAILED DESCRIPTION

A system and method for identity managed collaboration (IMC) toestablish and manage collaboration sessions (CS), having one or morecollaboration media such as, for example, audio, video, sharedworkspaces, and instant messaging (IM). The audio collaboration mediumcan be accessed via any a variety of communication media such as, forexample, time division multiplexing (TDM), Internet Protocol (IP),mobile (including push-to talk), and radio (e.g. Falcon, Single ChannelGround and Airborne Radio System (SINCGAR)). The other collaborationmedia can be accessed via a broadband communication media, oralternatively via an IP or other data protocol supported on any of thecommunication media used for the audio collaboration.

FIG. 1 is a schematic representation of an exemplary embodiment of anidentity managed collaboration system 100 in an exemplary collaborationsession environment. The system 100 comprises: an identity and sessionmanager (ISM) 102, a collaboration medium module 104; an access rulesmodule 106; an access control module 108, a connection control module110, and a session trigger module 112. Participants of a collaborationsession can use a variety of access appliances 304 (e.g. landlinetelephone, mobile telephone, personal computer, PDA) to connect to thesystem 100 via a plurality of connection media 306.

The system 100 controls each of one or more CS based on pre-defined setsof each of the following:

-   -   Collaboration session rules. The rules can include, for example,        which participants can join the CS, which collaboration media        can be used in the CS, which participants are to be contacted to        join the CS (including when they are to be contacted), and which        participants will connect on their own.    -   Individual participant entitlements. Each participant        entitlement can, for example, include:        -   Which collaboration media the participant is permitted to            access in the CS;        -   Participant CS arrival/departure indicators as seen/heard by            other active participants (e.g. whether an indication is            given or the participant remains unannounced);        -   Leave Existing & Add Preferred (LEAP) privileges (i.e. the            ability to change access appliance while maintaining contact            with an established CS);        -   Security level. The security levels can be any of a            plurality of distinguishable levels (preferably ordered).            The security level assigned to a participant can be used to            restrict access to some CS content when the participant's            level is insufficient. The security level can be displayed            to other participants in the CS, this being particularly            advantageous when a participant's identity is anonymous;        -   Communication media. Specifies which communication media 306            the participant is permitted to use; and        -   Which access appliances 304 (e.g. landline telephone, mobile            telephone, soft-phone, PDA, personal computer) can be            utilized by the participant.    -   Participant Identity Security records.        -   The system 100 can mask the true identity of the participant            and in its place project a managed identity defined by the            participant for a specific access method, time, or session.            -   Managed identities can include any of:                -   a directory number (DN) associated with a telephony                    access appliance;                -   an participant name;                -   an identity tag (a.k.a. alias); and                -   an IP address associated with an IP access                    appliance.    -   Access rules determine what access mode will be assigned to an        participant by the system 100, based on the communications        medium used by the participant. The participant's access mode is        adjusted dynamically when the communication medium being used        changes. Access modes can include:        -   Interactive Mode: In this access mode the participant has            access to shared workspaces and IM with the ability to enter            information to the workspaces and alternatively full audio            or video conferencing, as allowed by the specific CS;        -   Audio only Mode: In this access mode the participant has            access to the full audio conference portion of CS;        -   Monitor Mode: In this access mode the participant is            provided all audio, video, IM and shared workspace            information but cannot enter information into those elements            of the CS; and        -   Audio Monitor Mode: In this access mode the participant is            provided Monitor Mode capabilities as described above with            the exception that the audio is a full two-way connection,            allowing the participant to participate in the audio            conference component of the CS.

Based on the aforementioned controls, the system 100 can manage thefollowing for one or more collaboration sessions:

-   -   Shared workspaces such as dynamic whiteboard spaces;    -   Interactive file sharing;    -   Video sources either for providing video conferencing between        participants or the shared viewing of a video feed;    -   Instant Messaging text areas; and    -   Audio conferencing.

Referring again to FIG. 1, the ISM 102 stores one or more collaborationsession rules, a plurality of participant entitlements, and a pluralityof participant identity security records. The IMS 102 supports themanagement (e.g. the creation, modification and deletion) of thecollaboration session rules, the participant entitlements and theparticipant identity security records through an operational controlinterface (OCI) (not illustrated). The collaboration session rules canbe managed by a CS organizer. The participant entitlements can bemanaged by an administrator of the system 100. The participant identitysecurity records can be managed by the individual participants. The ISM102 further provides for the enforcement and application of thecollaboration session rules, the participant entitlements and theparticipant identity security records in each of one or more CS. Thecollaboration medium module 104 provides support for a plurality ofcollaboration media that can be used in each CS such as, for example,audio, dynamically shared workspaces, video and IM. The access rulesmodule 106 provides for the storage and management of a plurality ofaccess rules. The access control module 108 provides for the applicationand enforcement of the access rules stored in the access rules module106 by determining what access mode, as described above, will beassigned to each participant in a CS responsive to the communicationmedium 306 used by the participant. The access control module 108 candynamically change the access mode assigned to a participant during thecourse of a CS when the participant changes the access appliance 304being used. The connection control module 110 manages the connectionsfor both inbound and outbound calls (i.e. access application 304initiated and system 100 initiated) to and from the system 100 andadministers an admission control function for the inbound connections.Connections to the connection control module 110 can be made from aplurality of different access appliances 304 using any a of a pluralityof communication media 206 such as, for example, terrestrial telephony,mobile telephony, broadband and radio networks. The admission controlfunction allows or disallows connections in accordance with thecollaboration session rules and the participant entitlements. Theconnection control module 110 also provides notification to the ISM 102of the establishment and termination of connections by participants.Responsive to the notifications, the ISM 102 can announce the arrivaland departure of a participant in the CS using the identity inaccordance with the participant identity security records. Theconnection control module 110 can provide for continuity of the audiocollaboration medium to a participant when the participant switches froma first access appliance already connected to the CS to a second accessappliance to be connected to the CS in accordance with the participantsLEAP privileges. The participant connects to the system 100 using thesecond access appliance while still connected using the first accessappliance. The connection control module 110 in conjunction with thecollaboration medium module 104 and the ISM 102 provides an audioconnection between the second access appliance and the CS. Theparticipant can then disconnect the first access appliance withoutlosing audio continuity with the CS, and subsequently any other mediasupport in accordance with a determined access mode can be establishedfor the second access appliance in the usual way as described above.

The session trigger module 112 can initiate a CS at a particular timeand date provided by the CS organizer. The organizer can specify whichparticipants are to be contacted to join the CS (see collaborationsession rules described above). The connection control module 110 caninitiate connections to the specified participants responsive to aindication received from the session trigger module 112.

The system 100 enables participants to access the CS via any well-knowtype of access appliance 304 having an Internet browser without therequirement for downloading a client application to the access appliance304. The participant can access any of the CS collaboration media (e.g.audio, video, shared workspace, and IM) via the browser. The system 100further enables participants to access the CS in Audio only Mode via anywell-know access appliance 304 having only audio capability such as, forexample, a landline or mobile telephone.

FIG. 2 is flow diagram representing the steps in a method 200 foridentity managed collaboration. The method 200 can be implemented usingsystem 100 as described above with reference to FIG. 1. In step 202collaboration session rules, as described above, are created oralternatively existing collaboration session rules are modified by theCS organizer. In step 204 participant entitlements, as described above,are created or alternatively existing entitlements are modified by theCS organizer. In step 206, participant identity security records, asdescribed above, are created or alternatively existing participantidentity security records are modified by the corresponding participant.In step 208, access rules, as described above, are created oralternatively existing access rules are modified by the administrator.In step 210, responsive to a CS trigger, a CS is initiated,communications with identified participants is initiated, andconnections are accepted from other participants in accordance with thecollaboration session rules and the individual participant entitlements.In step 212, an access mode is assignment to each participant that joinsthe CS responsive to the communication media used by the participant andin accordance with the access rules and to the participant entitlementcorresponding to the participant. In step 214, the arrival of eachparticipant is announced to the other participants in the CS using theidentity specified in the participant identity security recordcorresponding to the participant. Alternatively, in accordance with theparticipant's entitlement, no announcement is made. In step 216, audiocollaboration continuity is provided and the access mode is adjusted(i.e. modified) responsive to a participant switching from one accessappliance used to connect to the CS to another access appliance. In step218, the departure of each participant is announced to otherparticipants in the CS using the identity specified in the participantidentity security record corresponding to the participant.

The system 100 and method 200 for IMC provide for:

-   -   Identity management of participants within a collaboration        session to set entitlements;    -   Identity security for participants to allow participants to        determine what identity is projected;    -   Monitoring capability via any browser without the need to        install software clients on an access appliance;    -   Audio collaboration including IP, cellular, PSTN and radio end        points;    -   LEAP function to allow participants to dynamically shift (i.e.        change between) access appliances; and    -   Inclusion of small-screen mobile devices as full participants in        the collaboration session, without the use of downloaded        ‘clients’.

According to the present invention, the system 100 and method 200 forIMC can be implemented using a computer program product comprisingcomputer executable program instructions stored on a computer-readablestorage medium.

Numerous modifications and departures from the specific embodimentsdescribed herein may be made without departing from the spirit and scopeof the present invention.

The following session examples are provided to illustrate thecapabilities of the system 100 and method 200 for IMC.

Example Session—Border Security:

-   -   An alarm triggers a collaboration session to a designated        response team. The IMC system contacts all team members and        enters them into the session.    -   Team members who are not on allowed access appliances or        operating from qualified IP addresses, are challenged and their        identity verified prior to being allowed access to the session.    -   The team shares available information via audio, video, and        shared workspaces. The IMC system projects a video image from an        area of interest onto a shared workspace, where team members        identify specific points of interest. The indicated points are        shared among all members of the team.    -   One of the team members (the mobile member) is sent to        investigate the alarm and using the LEAP function transfers the        session from his/her PC to his/her WiMax PDA. The IMC system        automatically connects the audio component and, via the PDA's        standard browser, provides the team member access to the shared        workspace and video components of the session.    -   The mobile team member stays in the session as he/she        investigates the alarm. Automatic audio/video/data recordings        that were created during the session and other event data are        archived.    -   Once the situation is resolved the session can be terminated or        maintained for an immediate action follow-up or debriefing        session.

Example Session—Corporate Training:

-   -   A new manufacturing tool is being introduced into a company with        distributed production facilities.    -   Corporate Training establishes a collaboration session between        designated personnel and the new product team. The IMC system        contacts all session members and enters them into the session.    -   Session members are challenged and their identity verified prior        to being allowed access to the session.    -   The product team shares available information via audio, video,        and shared workspaces. The IMC system projects a video image        from an area of interest onto a shared workspace, where the        interactive training of members is conducted. Points of interest        can be brought out and shared with all team members.    -   Site-specific issues can be resolved on-line in a corporate        session or dealt with in separate sessions at each individual        site.    -   Automatic audio/video/data recordings that were created during        the session and other event data are archived and can be        replayed by the members as a training refresher.

Example Session—Contract Management:

-   -   A company has a prime contract with a variety of distributed        sub-contactors.    -   Program review sessions between the sub-contactors and the prime        are conducted on a regular basis.    -   The prime establishes IMC sessions with each individual        sub-contractor and/or global sessions including multiple        sub-contractors.    -   The IMC system contacts all session members and enters them into        the session.    -   Session members are challenged and their identity verified prior        to being allowed access to the session.    -   The review team shares available information via audio, video,        and shared workspaces where the interactive review of progress        is conducted.    -   Points of interest from each site can be brought out and shared        with all team members.    -   Specific issues can be resolved on-line in a review session or        dealt with in separate sessions for each individual issue.    -   Automatic audio/video/data recordings that were created during        the session and other event data are archived and can be        replayed by the members and used as a contract        performance-tracking vehicle.

Corporate Example—Global Sales Review:

-   -   The sales team of a multi-national corporation is having its        weekly checkpoint call with its ten key sales persons. The sales        admin triggers the sales call and the IMC system calls out to        each person's Personal Number (PN). As team members answer, they        are placed into audio conference.    -   One team member is in a foreign location and has re-chipped his        PDA/cell phone to a local number to cut costs . . . the new        number was entered into his/her PN and thus is transparent to        setting up the call. The individual also connects to the session        via WiFi, and a PDA browser.    -   Another team member misses the call but calls back the Directory        Number of the missed call and is placed into the established        session.    -   A third member takes the call on his/her cell, and also accesses        the session on a hotel's business center PC browser.    -   One team member is unavailable and misses the call. All other        participants access the session via PCs and soft phones on the        PCs.    -   The Sales VP launches a shared workspace collaboration and        displays the current sales forecast. The IMC system        automatically detects the access device used by each member and        sets the correct access mode for each.    -   The participants in Interactive Mode dynamically adjust their        individual sales numbers. The participants in Monitor Mode see        the changes and provide their input verbally. All session        participants are seeing the changes to the sales forecast in        real time. The IMC system manages the inputs so conflicts from        simultaneous changes to the same workspace do not occur.    -   During the session the team jointly adjusts a new marketing        poster.    -   When the sales session is terminated, an audio/video/data        recording of the session is stored so that the individual who        missed the session can retrieve the recording later and review        the events that occurred during the session.

1. A system for identity managed collaboration, for providing acollaboration session to which each of a plurality of participants canbe connected from one of plurality of access appliances via one of aplurality of communication media, the system comprising: an identity andsession manager for storing, managing, enforcing and applying:collaboration session rules that specify which of the plurality ofcommunication media can be used to connect to the collaboration session,specify which of the plurality of participants can connect to thecollaboration session and identify which of the participants are to becontacted to connect to the collaboration session; a plurality ofparticipant entitlements, each one corresponding to one of a pluralityof participants, each participant entitlement specifying which accessmodes the participant can use, what indicator is to be used to announcethe participants arrival in and departure from the collaborationsession, and the participants privilege to change access applianceswhile connected to the collaboration session; and a plurality ofparticipant identity security records, each one corresponding to one ofthe plurality of participants, each participant entitlement specifyingan identity to used to identify the participant to other participants inthe collaboration session; the identity and session manager further for,responsive to a notification, announcing the arrival and departure ofeach participant using an identity specified in the correspondingparticipant identity record and responsive to the correspondingparticipant entitlements; a collaboration medium module for supporting aplurality of collaboration media for use in the collaboration session;an access rules module for the storage and management of access rulesthat specify which one of a plurality of access modes will be assignedto each participant responsive to the communication media used by theparticipant to connect to the collaboration session; an access controlmodule for assigning an access mode to each participant responsive tothe communication media used by the participant to connect to thecollaboration session and to the corresponding participant entitlement,and for re-assigning an access mode when any of the participantsswitches from one of the plurality of access appliances to another ofthe access appliances for connecting with the collaboration session; aconnection control module for: managing connections between the systemand the participants; allowing and disallowing connections to the systemresponsive to collaboration session rules and the participantentitlement corresponding to each participant; initiating connectionswith participants responsive to the collaboration session rules when thecollaboration session is initiated; accepting connections fromparticipants responsive to the collaboration session rules and thecorresponding participant entitlements; notifying the identity andsession manager of the establishment and termination of a connection toeach participant; and providing audio collaboration continuity when anyof the participants switches from one of the plurality of accessappliances to another of the access appliances for connecting with thecollaboration session; and a session trigger module for initiating thecollaboration session.
 2. A method for identity managed collaboration,for providing a collaboration session to which each of a plurality ofparticipants can be connected from one of plurality of access appliancesvia one of a plurality of communication media, the method comprising thesteps of: creating collaboration session rules that specify which of theplurality of communication media can be used to connect to thecollaboration session, specify which of the plurality of participantscan connect to the collaboration session and identify which of theparticipants are to contacted to connect to the collaboration session;creating a plurality of participant entitlements, each one correspondingto one of a plurality of participants, each participant entitlementspecifying which access modes the participant can use, what indicator isto be used to announce the participants arrival in and departure fromthe collaboration session, and the participants privilege to changeaccess appliances while connected to the collaboration session; creatinga plurality of participant identity security records, each onecorresponding to one of the plurality of participants, each participantentitlement specifying an identity to used to identify the participantto other participants in the collaboration session; creating accessrules that specify which one of a plurality of access modes will beassigned to each participant responsive to the communication media usedby the participant to connect to the collaboration session; initiating acollaboration session, responsive to a trigger, initiating connectionwith participants responsive to the collaboration session rules, andaccepting connections from participants responsive to the collaborationsession rules and the corresponding participant entitlements; assigningan access mode to each participant responsive to the communication mediaused by the participant to connect to the collaboration session and tothe corresponding participant entitlement; announcing the arrival ofeach participant using an identity specified in the correspondingparticipant identity record and responsive to the correspondingparticipant entitlements; providing audio collaboration continuity andre-assigning an access mode when any of the participants switches fromone of the plurality of access appliances to another of the accessappliances for connecting with the collaboration session; and announcingthe departure of each participant using an identity specified in thecorresponding participant identity record and responsive to thecorresponding participant entitlements when the participant leaves thecollaboration session.
 3. A computer program product for identitymanaged collaboration, for providing a collaboration session to whicheach of a plurality of participants can be connected from one ofplurality of access appliances via one of a plurality of communicationmedia, the computer program product comprising: computer executableinstructions, stored on a computer readable storage medium, for:creating collaboration session rules that specify which of the pluralityof communication media can be used to connect to the collaborationsession, specify which of the plurality of participants can connect tothe collaboration session and identify which of the participants are tocontacted to connect to the collaboration session; creating a pluralityof participant entitlements, each one corresponding to one of aplurality of participants, each participant entitlement specifying whichaccess modes the participant can use, what indicator is to be used toannounce the participants arrival in and departure from thecollaboration session, and the participants privilege to change accessappliances while connected to the collaboration session; creating aplurality of participant identity security records, each onecorresponding to one of the plurality of participants, each participantentitlement specifying an identity to used to identify the participantto other participants in the collaboration session; creating accessrules that specify which one of a plurality of access modes will beassigned to each participant responsive to the communication media usedby the participant to connect to the collaboration session; initiating acollaboration session, responsive to a trigger, initiating connectionwith participants responsive to the collaboration session rules, andaccepting connections from participants responsive to the collaborationsession rules and the corresponding participant entitlements; assigningan access mode to each participant responsive to the communication mediaused by the participant to connect to the collaboration session and tothe corresponding participant entitlement; announcing the arrival ofeach participant using an identity specified in the correspondingparticipant identity record and responsive to the correspondingparticipant entitlements; providing audio collaboration continuity andre-assigning an access mode when any of the participants switches fromone of the plurality of access appliances to another of the accessappliances for connecting with the collaboration session; and announcingthe departure of each participant using an identity specified in thecorresponding participant identity record and responsive to thecorresponding participant entitlements when the participant leaves thecollaboration session.